• A
  • A
  • A
  • АБВ
  • АБВ
  • АБВ
  • А
  • А
  • А
  • А
  • А
Обычная версия сайта

Operation Systems Security

2024/2025
Учебный год
ENG
Обучение ведется на английском языке
6
Кредиты
Статус:
Курс обязательный
Когда читается:

Course Syllabus

Abstract

Operating system security is the field of knowledge about the architecture of operating systems, built-in mechanisms for ensuring and monitoring information security. This discipline examines the security criteria of computer systems, the concept of creating a highly reliable computing base, the basis of identification, authentication, authorization and access control. The study reveals in detail aspects of the work of information security monitoring centers based on an OS security audit. The discipline also examines information system vulnerabilities and attacks on information systems. Separately, aspects of the work of destructive software influences (malware and tools of attackers when carrying out attacks on information systems) are studied. During training, monitoring of student knowledge is provided in the form of recording student activity at the seminar and exam
Learning Objectives

Learning Objectives

  • Introduction to the principles of operating system security
  • Developing skills in setting up security and audit mechanisms
  • Developing skills to identify signs of an attack using operating system logs
  • Formation of an idea about the work of an analyst of the Security Operations Center (SOC)
Expected Learning Outcomes

Expected Learning Outcomes

  • Defines the basic concepts and objectives of operating system security
  • Knows the security principles of Windows NT operating systems
  • Knows the security mechanisms of Linux Kernel
  • Can configure auditing in Windows family operating systems
  • Knows the principles of built-in and additional auditing in Windows family operating systems
  • Can configure auditing in the Linux kernel
  • Knows the built-in and additional auditing mechanisms in the Linux kernel
  • Can configure auditing of a domain environment using Active Directory as an example
  • Knows the principles of identification, authentication and authorization of subjects of the Active Directory domain environment (NTLM, Kerberos, LDAP, SMB protocols)
  • Knows aspects of the vulnerability management process in an organization
  • Knows the classification of information system vulnerabilities
  • Knows the classification of attacks on information systems (MITRE ATT&CK, KillChain)
  • Knows aspects of attack mitigation and detection (according to MITRE ATT&CK)
  • Knows the main methods of attacks on information systems using malware
  • Knows aspects of mitigation and detection of attacks using malware
  • Knows the topology of a typical corporate computing network
Course Contents

Course Contents

  • Introduction to the subject
  • Basic security principles of Windows NT
  • Basic security principles of Linux kernel
  • Basic principles of Windows OS security audit
  • Basic principles of Linux kernel security audit
  • Basic security principles for an Active Directory domain environment
  • Vulnerabilities of information systems
  • Attacks on information systems
  • Malicious software (malware)
  • Key aspects of building a secure information systems
Assessment Elements

Assessment Elements

  • Partially blocks (final) grade/grade calculation Практическая работа 1
  • Partially blocks (final) grade/grade calculation Практическая работа 2
  • Partially blocks (final) grade/grade calculation Практическая работа 3
  • non-blocking Экзамен
Interim Assessment

Interim Assessment

  • 2024/2025 2nd module
    0.2 * Практическая работа 1 + 0.2 * Практическая работа 2 + 0.2 * Практическая работа 3 + 0.4 * Экзамен
Bibliography

Bibliography

Recommended Core Bibliography

  • Теоретические основы компьютерной безопасности : учеб. пособие, Кабанов, А. С., 2012

Recommended Additional Bibliography

  • Современные операционные системы, Таненбаум, Э., 2018

Authors

  • SMIRNOV DANIL VADIMOVICH
  • AKSENOVA OLGA VENIAMINOVNA